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EXAMINER'S ANSWER 



This is in response to the appeal brief filed 4/17/2006 appealing from the Office action 
mailed 3/15/2006. 
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(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or judicial proceedings 
which will directly affect or be directly affected by or have a bearing on the Board's 
decision in the pending appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief is incorrect. A correct 
statement of the status of the claims is as follows: 
This appeal involves claims 1-20. 
Claims 1-5, 8-20 are rejected. 
Claims 6, and 7 are allowed. 

(4) Status of Amendments After Final 

The appellant's statement of the status of amendments after final rejection contained in 
the brief is correct. 

(5) Summary of Claimed Subject Matter 

The summary of claimed subject matter contained in the brief is correct. 

(6) Grounds of Rejection to be Reviewed on Appeal 
WITHDRAWN REJECTIONS 

The following grounds of rejection are not presented for review on appeal because they 
have been withdrawn by the examiner. The USC 1 12 rejection of Claim 5 has been 
withdrawn by the examiner. The USC 103 rejection of claims 6, and 7 have been 
withdrawn by the examiner. 
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(7) Claims Appendix 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Evidence Relied Upon 
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Bluetooth Specification Version l.OB 11-1999 
(9) Grounds of Rejection 

The following gr6und(s) of rejection are applicable to the appealed claims: 

Claim Rejections - 35 USC § 103 

. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for ail 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1, 3, 4, 9, 11-15, 17, and 19, are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Berlin US 5,915,021 in view of Jaisimha US 6,487,663 
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As per claims 1,3,4, 9, 14, and 15 Herlin teaches activating a communication link 
between devices (Col 5 lines 35-40). Herlin teaches transmitting data between devices 
for performing an authentication session, specifically the mobile station authenticates the 
base station, wherein a first key is generated, (Col 5 lines 35-48). Herlin teaches that the 
first authentication session generates a first key (kl), (Col 5 lines 40). Although not 
explicitly stated, if the first authentication fails, the procedure will not continue. Herlin 
teaches that a second, subsequent authentication session, specifically where the base 
station authenticates the mobile station, and generates a second key (k2), (Col 5 Hne 45). 
Herlin teaches that this second key is then used to communicate securely, (Col 5 line 48). 
Herlin does not teach transferring audio or visual content. 

Jaisimha teaches a media player and media server that exchange audio or visual content, 
(Col 4 lines 36-42). 

It would have been obvious to employ the authentication and encryption of Herlin, with 
the Media Player of Jaisimha because the authentication would enhance the security of 
the media system. 

As per claim 11, Herlin teaches means for receiving information and decrypting the 

information using a link key, (Col 5 lines 45-50). 

As per claim 12, Herlin teaches the device is portable, (Col 6 line 61). 

As per claim 13, Herlin teaches the device comprises means for wireless communication, 

(Col 7 lines 28-45). 

As per claim 17, Jaismha teaches determining a compliance level before transferring data, 
(Col 2 lines 43-46). 
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As per claim 19, the authentication of Herlin proves that the device is trustworthy, (Col 5 
lines 45-47). 

Jaisimha provides for the downloading of audiovisual content (Col 4 lines 36-42). 

Claims 2, 5, and 16 are rejected under 35 U.S.C, 103(a) as being unpatentable over 
Herlin US 5,915,021 in view of Jaisimha US 6,487,663 in view of Bluetooth Security 
Specification Version l.OB. 

As per claims 2, 5, and 16 The previous Herlin- Jaisimha combination teaches generation 
of a first key and a second key. Herlin fails to teach key merging. 
Bluetooth teaches using a first key and a second key and merging them in an XOR 
fashion to create a new link key, page 156 lines 1-3. It would have been obvious to one 
of ordinary skill in the art to combine the first and second keys of Herlin to create a more 
secure system. 

Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Herlin US 
5,915,021 in view of Jaisimha US 6,487,663 in view of HoUoway US 5,604,802. 

As per claim 8, the previous Herlin- Jaisimha combination does not teach key merging. 
Holloway teaches encrypting one key with another and sending it to a recipient, (Col 9 
lines 45-53). It would have been obvious to one of ordinary skill in the art to use kl of 
Herlin as the key encrypting key of k2 because it is a one time key and would increase 
security. 



Application/Control Number: 09/982,260 Page 6 

Art Unit: 2134 

Claim 10 is rejected under 35 U.S.C. 103(a) as being unpatentable over Herlin US 
5,915,021 in view of Jaisimha US 6,487,663 in view of Crane US 6,839,437. 

As per claim 10, the previous Herlin- Jaisimha combination does not teach API's. 
Crane teaches use of APIs with cryptographic operations and a common data security 
architecture, (Col 4 lines 19-25, 56-65). 

It would have been obvious to one of ordinary skill in the art to modify the system of 
Herlin with the API of Crane because the API allows for greater flexibility for the design 
of the system. 

Claims 18, and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Herlin US 5,915,021 in view of Jaisimha US 6,487,663 in view of Moskowitz US 
6,598,162 

As per claims 1 8, and 20, the previous Herlin- Jaisimha combination teaches 
authentication but does not teach limiting quality of the media. 
Moskowitz teaches limiting the quality of media based on authorization rights, (Col 4 
lines 35-50). 

It would have been obvious to one of ordinary skill in the art to use the reduced quality 
media with the security of Herlin-Jaisimha because it allows for unauthorized users to 
sample a product before deciding to purchase it. 
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(10) Response to Argument 
II. 

Heriin teaches activating a communication link between devices (Col 5 lines 35-40). 
Herlin teaches transmitting data between devices for performing an authentication 
session, specifically the mobile station authenticates the base station, wherein a first key 
is generated, (Col 5 lines 35-48). Herlin teaches that the first authentication session 
generates a first key (kl), (Col 5 lines 40). Although not explicitly stated, if the first 
authentication fails, the procedure will not continue. Herlin teaches that a second, 
subsequent authentication session, specifically where the base station authenticates the 
mobile station, and generates a second key (k2), (Col 5 line 45). Herlin teaches that this 
second key is then used to communicate securely, (Col 5 line 48). 
Herlin does not teach transferring audio or visual content. 

Jaisimha teaches a media player and media server that exchange audio or visual content, 
(Col 4 lines 36-42). 

It would have been obvious to employ the authenticafion and encryption of Herlin, with 
the Media Player of Jaisimha because the authentication would enhance the security of 
the media system. 

Appealed Claim 1 

The appellant asserts that Herlin does not teach a first session key generated in a first 
authentication session, and generating a second session key in a subsequent 
authentication. The examiner disagrees. Herlin teaches a first authentication where the 
mobile station authenticates the base station, and then a subsequent authentication where 
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the base station authenticates the mobile station, (Col 5 lines 35-48). A key is generated 
in each instance. The appellant has also stated that there is no reasonable expectation of 
success using keys and an authentication process in Jaisimha. The examiner disagrees. 
Jaisimha is merely relied upon to teach that the content transferred may be audio or 
visual. The examiner notes that most communication to a mobile station, or cell phone, 
would be audio or visual in nature. The examiner is merely relying on Jaisimha to 
explicitly teach that the communication may be audio or visual, (Col 4 lines 36-42). 
There is nothing stated in Jaisimha that would prevent two devices from authenticating 
each other prior to transfer of data. As the examiner has stated in the rejection above, this 
authentication would actually enhance the security. MPEP 2143 states that motivation 
may be in knowledge generally available to one of ordinary skill in the art. The examiner 
asserts that one of ordinary skill in the art would recognize that authentication prior to 
transferring audio or visual contents would be beneficial in relation to security of that 
audio or visual content. 
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Appealed Claim 3 

The appellant argues that Herlin in view of Jaisimha does not teach that the 
authentications are independent of each other. The examiner asserts that each 
authentication, the Base station authenticating the mobile station, and the mobile station 
authenticating the base station, are independent processes and performed independent of 
each other. 

Appealed Claim 4 

The appellant argues that Herlin in view of Jaisimha does not teach that "additional data" 
is sent between the devices for deciding whether or not to proceed with subsequent 
authentication. The examiner asserts that additional data, such as a key, is send in 
addition to authentication data "triplets" to decide whether to proceed with subsequent 
authentication. 

Appealed Claim 9 

The appellant argues that Herlin in view of Jaisimha does not teach activating a 
communication link, transmitting data and performing authentication, and subsequent 
authentication sessions. Herlin teaches a first authentication where the mobile station 
authenticates the base station, and then a subsequent authentication where the base station 
authenticates the mobile station. 
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Appealed Claim 11 

The appellant argues that Herlin in view of Jaisimha does not teach a device receiving 
information decrypting and storing said information. 

The examiner argues that Herlin teaches using a link key to communicated securely. 
This inherently covers the process of encryption and decryption. Herlin also teaches that 
the devices send and store information in the authentication process, so the devices have 
the means for accepting and recording information ^ . 

Appealed Claim 12 

The appellant argues that Herlin in view of Jaisimha does not teach a portable device. 
The examiner asserts that Herlin teaches a mobile station, or a portable device. The 
clause "e.g. a headphone or a walkman" are not given patentable weight because they are 
claimed only as examples of a portable device. 

Appealed Claim 13 

The appellant argues that Herlin in view of Jaisimha does not teach short range wireless 
data communication. The examiner asserts that Herlin does teach short range wireless 
data communication, in that Herlin teaches a mobile telephone system. 

Appealed Claim 14 

The appellant argues that Herlin in view of Jaisimha does not teach a signal comprising 
data transmitted between the devices wherein the data is used for performing 
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authentication sessions for authenticating the devices. The examiner asserts that the 
signal comprising data transmitted between devices is used for performing authentication 
sessions, for example the triplet values, to verify the certificate of the device. 

Appealed Claim 15 

The appellant argues that Herlin in view of Jaisimha does not teach a first key and a 
second key obtained after performing the method of claim 1 . The examiner asserts that 
the signal comprises exchanging keys including the first and second key after performing 
the method of claim 1 . 

Appealed Claim 17 

The appellant argues that Herlin in view of Jaisimha does not teach determining a 
compliance level before transferring audio or visual content. The examiner asserts that 
the process of authentication used in Herlin in view of Jaisimha determines a level of 
compliance. The devices authenticate each other to determine a level of trust, and if 
authenticated, transfer the audio and visual data. 

Appealed Claim 19 

The appellant argues that Herlin in view of Jaisimha does not teach a device proves it is 
allowed to download content. The examiner asserts that the process of authentication 
used in Herlin in view of Jaisimha determines a level of compliance which is used to 
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prove it is allowed to download content. Herlin in view of Jaisimha also explicitly 
teaches downloading of said content. 

Appealed Claim 20 

The appellant argues that Herlin in view of Jaisimha does not teach claim 20, however 
the argument is moot, as the examiner did not reject claim 20 under this combination. 



III. 



Appealed Claim 2 

The appellant argues that Herlin in view of Jaisimha in view of Bluetooth Security 
specification Version l.OB does not teach for generating a link key for encryption and 
decryption for data communication by merging the first key with the second key 
The examiner asserts that Herlin in view of Jaisimha in view of Bluetooth teaches using a 
first key and a second key and merging them in an XOR fashion to create a new link key. 
The Bluetooth specification is merely relied on for this key combination method. The 
key combination method would be obvious to one of ordinary skill in the art because by 
combining both keys the security of the link key is enhances, ie. if one key is captured 
over the network, it cannot be used to compromise the system. 



Appealed Claim 5 
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The appellant argues that Herlin in view of Jaisimha in view of Bluetooth Security 
specification Version 1 .OB 

The appellant argues that Herlin in view of Jaisimha in view of Bluetooth Security 
specification Version l.OB does not teach an authentication session 
The examiner asserts that Herlin in view of Jaisimha in view of Bluetooth does teach a 
possible first authentication session, that would benefit the previous Herlin- Jaisimha 
combination when using the Bluetooth protocol. 

Appealed Claim 16 

The appellant argues that Herlin in view of Jaisimha in view of Bluetooth Security 
specification Version l.OB 

The appellant argues that Herlin in view of Jaisimha in view of Bluetooth Security 
specification Version 1 .OB does not teach for generating a link key for encryption and 
decryption for data communication by merging the first key with the second key 
The examiner asserts that Herlin in view of Jaisimha in view of Bluetooth teaches using a 
first key and a second key and merging them in an XOR fashion to create a new link key. 
The Bluetooth specification is merely relied on for this key combination method. The 
key combination method would be obvious to one of ordinary skill in the art because by 
combining both keys the security of the link key is enhances, ie. if one key is captured 
over the network, it cannot be used to compromise the system. 



IV. 
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Appealed Claim 8 

The appellant argues the Herlin in view of Jaisimha in view of Holloway does not teaches 
encrypting the second key with the first key. 

The examiner asserts that Holloway teaches encrypting one key with another and sending 
it to a recipient. It would have been obvious to one of ordinary skill in the art to use kl of 
Herlin as the key encrypting key of k2 because it is a one time key and would increase 
security, this knowledge would have been generally available to one of ordinary skill in 
the art. 

V. 

Appealed Claim 10 

The appellant argues the Herlin in view of Jaisimha in view of Crane does not teach an 
API for informing the consumer device about the protection status of another consumer 
device. 

The examiner asserts that Crane teaches an API for managing digital certificates and keys 
for security services. In combination with Herlin and Jaisimha the API would inform the 
other consumer devices about protection status by managing the keys and authentication 
process. 



VI. 



Application/Control Number: 09/982,260 



Art Unit: 2134 



Page 15 



Appealed Claim 18 

The appellant argues the Herlin in view of Jaisimha in view of Moskowitz does not teach 
determining a compliance level further comprises determining rights placed on the 
content to be transferred. The examiner asserts that the process of authentication used in 
determines a basic level of compliance Moskowitz teaches the further restriction of 
authorization rights to determine a further level of compliance. 

Appealed Claim 20 

The appellant argues the Herlin in view of Jaisimha in view of Moskowitz does not teach, 
wherein when the subsequent authentication is performed that the dovraloading of the 
audio visual content is limited in quality. 

The examiner, as previously asserted, argues that the authentication and authorization 
rights performed determine a level of compliance, and Mosowitz teaches that the level of 
compliance determines limiting the quality of media 

It would have been obvious to one of ordinary skill in the art to use the reduced quality 
media with the security of the Herlin-Jaisimha combination because it allows for 
unauthorized users to sample a product before deciding to purchase it. 

(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner in the Related 
Appeals and Interferences section of this examiner's answer. 
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For the above reasons, it is believed that the rejections should be sustained. 
Respectfully submitted. 



Respectfully submitted, 
Christopher J. Brown 

Conferees: 
Kim Vu |H/ 
Kambiz Zand 




